DDoS Attacks Delay Trains and Disrupt Services in Sweden

Distributed Denial-of-Service (DDoS) attacks against multiple Swedish transportation agencies that occurred over the span of two days caused travel delays and disruptions. On October 11, a DDoS attack targeted the Swedish Transport Administration, Trafikverket, via its two internet service providers, TDC and DGC, crashing the IT system that manages train orders and causing train delays. The attack also impacted the agency’s email system, website, and road traffic maps, preventing travelers from making online reservations or receiving updates about the delays. Trafikverket restored service in a matter of hours; however, delays affected train operations for an entire day. The following day, on October 12, DDoS attacks targeted two other agencies, impacting the website of the Swedish Transport Agency, Transportstyrelsen, and crashing the ticket booking app and online travel planning service of the public transport operator, Västtrafik. These attacks highlight the importance of having a proper DDoS mitigation strategy in place prior to an attack. The NJCCIC recommends organizations have DDoS mitigation services established through a managed security service provider and/or their internet service provider and have an incident response and recovery plan in place.

Reference in this site to any specific commercial product, process, or service, or the use of any trade, firm or corporation name is for the information and convenience of the public, and does not constitute endorsement, recommendation, or favoring by the NJCCIC and the State of New Jersey.